On Feistel Structures Using a Diffusion Switching Mechanism

We study a recently proposed design approach for Feistel structures that employs diffusion matrices in a switching way. At ASIACRYPT 2004, Shirai and Preneel proved that large numbers of S-boxes are guaranteed to be active if the diffusion matrix used in a round function is selected from among multiple matrices. However, the optimality of matrices required by the proofs sometimes poses a restriction on finding matrices suitable for actual block ciphers. In this paper, we extend their theory by replacing the condition of optimal mappings with general-type mappings; consequently, the restriction is eliminated. Moreover, by combining known lower bounds for the usual Feistel structure, we establish a method to estimate the guaranteed number of active S-boxes for arbitrary round numbers. We also demonstrate how the generalization enables us to mount a wide variety of diffusion mappings by showing concrete examples.
